Menu 1

Category Archives: Backup

Understand your Backup Technology – Agent vs Agentless Backup

To be Virtual or not to be Virtual?

The evolution of technology from standalone physical servers to shared resource virtualization, creating resource elasticity and so have other technologies evolved to join the virtualization revolution. Many companies have completed a 100% migration to virtual, some are still in this process.

One key technology that has had to keep up is backup and disaster recovery, simply because whether your files server was physical then and virtual now it is the same data and of the same importance to the business, A lot of companies have had to change backup vendors or purchase a different package or even add-on to facilitate the move possibly even keep certain older licensing behind for legacy system that have not yet been virtualized.

Arcserve has been very flexible in this aspect regarding the migration to virtual, physical server licenses where just carried over to physical hypervisor hosts and restore features such as virtual standby, Instant VM restore and full system high availability allowed for the migration & conversion process to be automated with ZERO data loss and in some cases zero downtime. This has added ease to the migration and sped up the virtual revolution globally.

After the Migration (To Be Virtual)

Backup technologies can offer an additional method of backup, a method that would not install into or alter the production environment any way leaving it hands free, this is the agentless method. The agentless method allows for backup software to speak to the hypervisor vendor API and request actions to be performed on the virtual machines. In the case of backup it would look like below steps on a high level.

Find available servers for backup

Create a temporary snapshot on target virtual disks

Extract backup data from target virtual disks

Transfer backup data to destination

Delete temporary snapshot

This allows for quicker deployments and more efficient backups, however there are concerns.

First concern taking a temporary snapshot of a virtual disk without knowing what I/O operations are completing within the virtual disk at that point in time could result in capturing a partial operations resulting in inconsistency of application data when it comes time to restore. Further API integration such as the use of VIX library for VMware and host integration tools for Hyper V allows for backup software to access guest operating system files and services within the Virtual Target Disks. This creates application aware backups on the agentless process.

A second concern that creating snapshots and holding snapshots can increase used space on the production shared volumes & add a degrade of I/O performance to target virtual machine disk during online agentless backups. When the snapshot is created it the base virtual disk is in a frozen state and a secondary disk (The Snapshot) holds differential data of the base disk, this then bloats the size of the target VM storage usage on shared storage volumes , vendor KBs suggest 10 – 20 % storage increase on high transactional virtual machines while snapshot is present. If you are processing all virtual machines on a single shared storage concurrently you need to make sure that you have at least 10-20% free for storage to burst during backup.

The reason for the added I/O overhead during snapshot usage is that read access to guest OS files would need to read original base files and all differencing data since snapshot creation, the larger the snapshot the more data we can assume is needed to be read.

A third concern is that software snapshots don’t support certain devices so not all disk devices attached to a virtual machine will be captured for examples are, passing through physical disk devices from hypervisor host to the virtual machine, IscsI Mounts, RDM Raw Device mapping of LUN from a storage array and more… What happens in these cases is that a virtual machine has OS disk provisioned as a virtual disk but secondary storage device is directly to a physical array volume. An easy example here would be an application that has redundancy though multiple nodes however share the same data eg. SQL Cluster with shared storage for database.

In cases like these where Agentless is not a fit you need to revert to the traditional backup through an Agent.

Agent Based Backup

Agent based backup is the process of installing a software package from the vendor in the target system, this will communicate with the backup server and utilise target services and resources to perform and capture backup such as shadow copy service and VSS writers like SQL or Exchange writers for application backup. This using the target system resource to create the backup rather than impacting shared resources as on agentless cross shared virtual infrastructure. This can be a lengthier backup windows compared to agentless approach.

A lot of systems are left physical and for good reason. Servers that require physical monitoring or licensing via dongle USB key, systems or application servers that licensing is not compatible with virtual hardware, systems that the virtual infrastructure is dependent on, in cases domain controllers or networking systems.

These systems will still utilise agents for data protection rather than agentless in the fear of virtualising and creating in necessary downtime.

The Migration Magic Wand

With Arcserve, both agentless backups and agent based backups can be sent to the same backup server and data is compared and deduplicated cross technologies, further compressed and stored that is true global deduplication!

As mentioned earlier in the article, Arcserve has changed the virtualization landscape by offering a solution that followed its licensing during migration and facilitated the migration to virtualization.

The question whether or not to virtualise a specific system or application is a hard one and requires planning, testing, more testing and hopefully execution at some point. If we introduce Arcserve into this scenario because of Arcserve being hardware agnostic and hypervisor agnostic we can safely backup a physical system or application online, spin up an Instant VM of the physical server backed up onto the hypervisor of choice and test functionality and impact without down time and without hours or days of preparation once confirmed happy, system is functional we can run another backup repeat or avoid data loss through a Arcserve high availability agent . This would create a virtual instance on request with continuous replication to avoid any data loss.

A few days pass and we realise we have overlooked a specific detail and the system is not performing to business standard as virtualised. It can’t be fixed and we need to return to physical. We simply back up VM agentless or with an agent and run a bare metal recovery to the original hardware or newer. Even simpler, we can create a Arcserve HA BMR to allow us to fail back as a high availability process to the physical servers again.

The Conclusion

Whether you want to virtualize or have virtualized or won’t virtualise, that is 100% your choice but choose a backup and disaster recovery vendor that can transition through those phases without having to repurchase and avoid multiple vendors to complete a single task or single solution.

I end with a Quote

One reason people resist change is because they focus on what they have to give up, instead of what they have to gain. – Rick Godwin

Since the beginning of backup times (almost), backing up specific platforms has typically required an agent optimized for the environment in question. Typically, you’d get one agent installed on each server, the agent would interact with the backup engine/server and do its thing. This became very cumbersome when virtualization exploded, when adding a server (virtual) could be easily done with one phone call to your favorite admin. Not just one, but dozens or hundreds. It meant installing one agent on each virtual machine, which quickly became cumbersome and operationally created data protection gaps and issues.

Along came agentless backup which significantly reduced the difficulty associated with backing up virtual machines. With this approach, you can capture all of the VMs with a proxy server without having to install an agent in each virtual machine. Less administration, less data loss exposure…what else could be better? It certainly made agent backup look old and clunky.

Not so fast…. As is often the case, there’s more than meets the eye. You can’t just go 100% agentless…Here’s why:

With VMware, any virtual machine that does not use native VMFS cannot be properly protected “agentless-ly” leveraging the native VMware API’s. Raw Device Maps (RDM’S), and SQL Cluster disks are both examples where a different File System to VMFS is used.

Our competitor Company V’s agentless technology, for example, can’t protect these systems. In contrast, Arcserve easily can through the installation of an agent. In a recent conversation with our field, we confirmed that we often see customers who use RDM’s being told by Company V that they have to convert them to ‘normal’ virtual machines. That’s a dirty little secret, and something that many customers just won’t deal with. (By the way, this company’s recent announcement around agent deserves serious inspection – a glorified desktop agent is not the same thing as a full-featured server agent.)

To quote one of our field leads: “Our physical server support through the UDP agent install is a significant advantage over Virtual only agentless solutions. The ability to be able to protect and recover physical machines as bare metal, as virtual machines or at an object and file level is obvious, but it also allows us to protect virtual machines that are not supported by the native tools and API’s. There are also circumstances where it may be preferable to install an agent inside the virtual machine – for example if the virtual machine is very large or has a very high change rate, or if the VM Tools are perhaps not properly configured or up to date.”

Also, with our High Availability module, which provides Continuous Data Protection, Fail Over, Fail Back and more, supporting replication and backup of an MSCS cluster running on Windows 2008 R2 in VMware with physical RDM is easy. It is however a big issue with our competitors Company V and Company Z. In addition, remember that Arcserve offers great deduplication, global across nodes. Not everyone does that!

Beware of 100% agentless solutions – they just don’t cut it in many cases!

The purpose-built appliance market has drastically changed in the past year, particularly in the mid-market. Historically, organizations looking to purchase all-in-one backup and recovery appliances only had a few limited choices, and specifically in the sub-100TB segment of source backup data.

The emergence of Arcserve UDP Appliances is changing the game, in particular for existing customers and prospects of Company U. There many reasons to underscore the acceleration of Arcserve UDP Appliances, and the subsequent reversal in market adoption for Company U’s solution.

While I will provide more specific detail below, let me net it out executive summary style:

Arcserve UDP Appliances are more cost-effective and provide more features than company U; one reason being their poor deduplication technology.

Company U’s reviews and tech support complaints on public community boards are at an all- time high.

Arcserve’s business is growing across the board, and our appliances and software have become the natural replacement for the aging and inefficient technologies in many organizations.

The smoking gun

One of the ways to determine marketing claims is to simply take a look at specifications and features. While Company U offers data deduplication – something you need as an end-user – it clearly lacks efficiency compared to the deduplication technology delivered by Arcserve..

How do you check? It’s simple: Take a look at the recommended configurations to see what model you’d need (how much on board-storage) to protect the amount of backup data (source data) you have in your environment, given some retention parameters.

But be careful, because Company U will tell you that its 120TB raw storage system can backup 80TB of data. (As a side note, in talking to customers in the field we believe it’s actually closer to 50TB – but let’s go with 80TB.) Conversely, Arcserve recommends a 30TB raw storage system for protecting roughly 90TB of source data. Note the difference here; needing 120TB vs 30TB to backup roughly the same amount of source data. In addition, it takes a 4U rack for Company U whereas the Arcserve UDP Appliance only requires a 2U rack.

Why does this matter? Read on to learn more about key differences in features and capabilities.

More features – that work

Deduplication:

Arcserve’s deduplication technology is global source-based deduplication. This means that the deduplication is shared across all appliances and/or software/server deployments, and allows us to deliver extremely high levels of storage space savings (please see what our customers said here).

On the other hand, Company U uses a combination of host backup deduplication and inline deduplication, which means there’s always going to be some post-processing of the data. Further, it’s only central to that one appliance – so if you have five Company U appliances, they can’t share the deduplication store.

Recently, Company U added “inline” deduplication – a departure from the initial post processing. However, it’s only file, VMs, Exchange and SQL data. This means data that isn’t inline is still post-processed, such as Oracle data and bare metal file system backup data. In this scenario, you still need a landing a zone and the backup data store needs a lot of storage – hence the specifications discussed above.

Deduplication meets replication – or not:

Arcserve UDP delivers replication across appliances or software RPS servers (UDP’s “brains”) and is a key differentiator. Not only can you do can do restores from these instances, but it’s also great for scalability.

In contrast, Company U doesn’t scale well for the enterprise – each appliance has its own engine, and you have to manage them individually (you can connect from one and see all of them, but there is no global deduplication).

Further, Company U can only do many to one, or one to one – meaning that one appliance can only go to one target of replication. In the words of one customer, “if you have over five appliances, it’s unusable.” There have been many reports of replications issues, where their customers claim “It stops. It’s not working – the replication is cued up and not keeping up.” Alternatively, Arcserve allows you to do many to one, one to many or pretty much any permutation that makes sense for your environment.

Hypervisors:

Bottom line: Company U doesn’t offer cross-hypervisor capabilities. To be fair, they can do Physical to Virtual for Windows machines however to do so, they have to put an agent on the Windows machine and back that up. You can put that image in VMware or HyperV, and on the physical appliance you can run Windows physical backups on their Linux appliance – Windows Instant Recovery. But you would still need an agent on the virtual machines.

In comparison, Arcserve UDP software and appliances support cross-hypervisor recoveries or migrations and agentless backup without limitations. Just what you would expect from a three-time Best of VMworld award winner

User Interface:

Company U debuted a new (much nicer) interface it its 9.0 version. I seem to remember older versions still mentioning OS/2 Warp as OS options, so it was time for a face lift. Nicely done. Except that not everything can be done through it, and you still have to go back to the old interface (that’s what we’ve heard anyway). Oh well.

Cloud: Nebulous:

Company U can go to Cloud, but only directly. While this sounds interesting, you can’t do appliance disk to appliance disk to cloud – or multi-hop, if you will. This is a huge operational limitation, and given the poor deduplication ratios, you likely need to watch you bandwidth closely.

Tape: What?

Check out Arcserve’s impressive support for tape capabilities. Company U offers no support for multiple tape drives, just one drive at a time, and 99% of the vendors are not on the compatibility matrix (I may be exaggerating, but it’s very limited).

Money Talks

Using publicly available list prices, it’s easy to plot a comparison of the cost of protecting 1TB of source data by vendor, based on the publicly recommended specifications. In other words, how much will it cost you to backup 1TB of data with Company U vs. Arcserve. Below are the results with three-year maintenance included (apples-to-apples comparison).

Arcserve also offers a series of models that come with Virtual Standby capabilities. To be complete, here’s what the picture looks like if we compare these models:

Not a day passes without another article about an organization being held hostage with an encryption-based ransom, or ransomware. I am sure the irony of it is not lost on many IT folks: the same tool that is supposed to help secure your data is now used against you in a criminal endeavor. Adding insult to injury, there’s no real way out and you’d better have a Bitcoin account ready to pay up.

Here’s the good news: while it’s not perfect, you already have a great solution in place in your environment to help you out; good old backup. Yes, the unsexy backup function is becoming quite attractive. However, there are some ‘gotchas’ and best practices one must adhere to. Remember, your backup server is a target too.

Many customers have used our solution, Arcserve UDP, to successfully recover affected systems and save their businesses from succumbing to encryption extortionists.. With Arcserve UDP, you can recover a system from scratch and minimize your data loss. Of course, you’d have to get rid of the infected systems and stop the virus from spreading first. However with regular backups, you can significantly reduce the amount of exposure and have the confidence you can recreate a “clean” system. After all, this is a “logical” incident. You would do the same thing if somehow you had corrupted a system and its data; the big difference is the source of the problem.

After discussions with our technical experts, we’ve developed best practices to help you stay out of the ransomware headlines, and keep your business running as usual.

Protect the Source Machine

Take precautions to prevent infection in the first place, such as training users to not click on links within emails, downloading attachments from unknown sources and updating software on a timely basis.

Perform regular backups, which may include rethinking your service level agreements to ensure critical business data is backed up more frequently.

Follow the 3-2-1 strategy for backup: one of the copies should be offline, andat least one of the copies should be offsite.

Make sure your chosen backup solution includes virtual standby for critical systems so that you can get back on your feet very quickly.

Protect the Protector (The Backup Data)

If your backup server gets infected or if your backup data is on a shared network share that is accessible from an infected machine, ransomware can encrypt backup data as well. It sounds obvious, but it’s important to remember!

There is no magic bullet or perfect answer, but it’s important to remember that with an advanced backup solution (such as Arcserve UDP), you have a great tool to help in your fight against ransomware. It starts by educating end users and applying best practices to protect your environment.

In this second and final post comparing Arcserve UDP and Company Vm, we will focus on some very important differences in our respective backup and recovery technology. Let’s first remember that Company Vm focuses only on data protection for virtual environments, and by definition, creates serious gaps in their ability to support hybrid environments.

Support for physical systems is a built-in capability with Arcserve UDP. While many production environments may be highly virtualized, not everyone is 100% virtualized yet, nor do industry analysts seem to believe it will ever be the case. This underscores a very real need to offer support that protects physical systems in addition to virtual servers, or customers have no choice but to run multiple solutions, which is counter-productive and doesn’t deliver coherent restores across the environment. Arcserve UDP supports both physical and virtual sources, and rrestores to physical and virtual destinations.

In terms of flexible recovery options, Bare Metal Recovery (BMR) is a “must-have” in a data protection solution, and allows you to quickly recover when a complete system fails. Customers often resort to “adding on” other BMR products when their “virtual system only” product does not offer this capability. With Arcserve UDP, customers get instant BMR to support local and remote bare metal recovery of Linux physical machines. Instant BMR provides better restore capability and an improved end-user experience by enabling instant access to a target machine prior to the entire recovery process being finished. This feature empowers users to instantly regain access into a failed physical Linux node, and is a first of its kind.

Let’s talk about tape. Tape is not a primary backup medium anymore as most end-users today have adopted disk to disk strategies (i.e. backing up to disk vs. tape). However, there are still many reasons to use tape as a secondary backup medium for long term retention or archival requirements. Company Vm’s V9 technology introduced “advanced” tape support, including parallel processing, concurrent copy sessions and GFS Rotation schemes (Grand Father, Father, Son). However, you can’t “improvise” tape support; it takes years to master it – and Company Vm’s support is very basic. In contrast, Arcserve UDP offers actual advanced tape features, such as: multiplexing (2-32 jobs), multi-streaming, device group and media pool, GFS rotation and synthetic backup, append media, media maximization, media pool manager, tape library option and auto library detection and configuration, bar code support, auto inventory, auto eject media, monitor blank media quantity, tape management and tape vaulting, auto tape cleaning and configurable block size for tape. We could go on, but hopefully you see the stark differences in our tape support.

As far as remote office protection, it’s important to protect business data no matter where your employees are located, and to protect those data nodes in an efficient fashion. Company Vm’s solution requires a separately installed WAN Optimization service (and that’s for their Enterprise edition only). In comparison, Arcserve UDP’s Recovery Point Replication is included in all the versions of our solution, and our Gateway feature provides fast WAN Transfer that makes it highly efficient.

There are also differences in how Arcserve approaches cloud backup and replication, compared to Company Vm. Cloud backup and replication allows for the backup product console to connect to a cloud-based service provider. This lets you replicate VM copies or backup points offsite into the cloud as a disaster recovery solution.

With Arcserve, the target Hypervisor is cross-compatible, and the source and target Hypervisor can differ in this instance. Also, Arcserve supports this on physical servers at the source which allows for physical to virtual (P2V) to the service provider. With company Vm, one of the limitations is if you’re replicating from Hyper-V, your service provider must provide Hyper-V. Not very flexible, is it?

Finally, in contrast to Company Vm’s software and cloud partnership only, Arcserve UDP is available as a software solution but also as an appliance, in addition to the Arcserve Cloud.

We recently introduced the new release of our award-winning Arcserve UDP software, so we think it’s the perfect time to provide a high level comparison between it and Company Vm’s recent V9 release.

Starting with one of the biggest differentiators is choice – we give our customers choice in how to consume Arcserve technology with a variety of integrated offerings, including software, appliances and a DRaaS cloud. We also offer the option of a High Availability (HA) module within Arcserve UDP, which means zero or very close to zero data loss (Recovery point objective =0), and with failover, virtually no time needed for recovery (Recovery Time Objective =0).

In contrast, Company Vm only offers software and cloud partnerships. It doesn’t support physical servers, nor does it offer appliances. Also, the company positions itself as providing “always on” capabilities, however it seems that their definition of availability means getting data back in 15 minutes. We hate to point out the obvious, but this isn’t High Availability, and it certainly isn’t “always on.”

In terms of eliminating redundant data through deduplication, here are the facts:

Using Arcserve UDP, all physical and virtual sources will be included in the same deduplication domain, including physical Linux nodes.

Real life customer results have been astounding, showing a reduction in storage of 500 TBs to less than 13.4 TBs on a backup disk (that’s a 97.3% decrease)! This means a smaller storage footprint and much lower costs.

Company Vm

Company Vm’s deduplication is across a single backup job; hence they recommend an “add-on” Purpose-Built Backup Appliance. Can you hear this noise? Yes, it’s your budget being siphoned off…

Company Vm is focused on third-party storage vendors (HP and Data Domain) to assist in reducing backup storage. Makes sense, if your technology can’t do it, have the hardware guys do it. It’s your money, remember…

In the case of Instant Virtual Machines, we offer more capabilities and recently won three best virtualization solution awards at VMworld – an interesting fact given that Company Vm focuses almost exclusively on virtual environments (whereby we specialize in recovery of all environments). Nevertheless, here a few facts:

We introduced Instant VM in the latest release of Arcserve UDP. Like Company Vm’s v9 release, Arcserve UDP offers vPower Cache functionality, however Arcserve UDP can also support instant VM restore across hypervisors.

Unlike Company Vm, Arcserve UDP can instantly restore a VMware VM onto Hyper-V, and vice versa, while also protecting physical machines and enabling instant VM recovery of a physical node (P2V). It’s evident that instant VM in Arcserve UDP offers more bang for its buck.

We mentioned awards, here’s more detail: Arcserve UDP won three Best of VMworld awards last year. The first was for the Best BC/DR Solution for Virtualized Environments in San Francisco, followed by the Best BC/DR Project and Best of Show in Barcelona. We’re very proud of our achievements, but the best reward is to see our happy customers and the increasing number of businesses switching from the other company’s solution to Arcserve UDP.

13.7 billion years BC – The universe begins as a singularity; those who believe in the “big bang” theory suggest the disaster is on-going…

3.8 billion years BC – The start of life on Earth. The first cell is thought to have arisen from self-replicating RNA what developed later into DNA. DNA is a store of biological data, the genetic information that allows all modern living things to function, grow and reproduce. Put another way, you are the backup of your parents. Say hi to the therapist for me.

65 million years BC – Dinosaurs, not backed up.

13.7 billion years BC – The universe begins as a singularity; those who believe in the “big bang” theory suggest the disaster is on-going…

3.8 billion years BC – The start of life on Earth. The first cell is thought to have arisen from self-replicating RNA what developed later into DNA. DNA is a store of biological data, the genetic information that allows all modern living things to function, grow and reproduce. Put another way, you are the backup of your parents. Say hi to the therapist for me.

65 million years BC – Dinosaurs, not backed up.

48 BC – The burning of the Library of Alexandria. Among others in your “Top 10 Lost Books of All Time,” the second book of Aristotle’s Poetics went up in smoke and humanity was beginning to realize the fatal flaw in their cunning backup plan; paper is actually quite flammable.

1347 AD – The first known insurance contract is signed in Genoa, Italy. This was great for those buying and selling goods and owning property but information is difficult to value, most people would rather have their data back than receive compensation for its loss.

1436 AD – Johannes Gutenberg, a former goldsmith, created the first printing press in Germany. He used his knowledge of metalwork to fashion letters out of an alloy, pressing these against ink and then paper to create a copy. This made the printing of multiple copies considerably faster, a great step forward in data resilience.

1539 AD – Image based backup, born. Henry VIII, King of England was trying to decide who to marry next, he sent the artist Hans Holbein to make a reliable copy of what his list of European princesses looked like. Based on these images, Henry made his choice and proposed engagement to Anne of Cleeves only to discover she looked nothing like he expected. Corrupt data/bad copy.

48 BC – The burning of the Library of Alexandria. Among others in your “Top 10 Lost Books of All Time,” the second book of Aristotle’s Poetics went up in smoke and humanity was beginning to realize the fatal flaw in their cunning backup plan; paper is actually quite flammable.

1347 AD – The first known insurance contract is signed in Genoa, Italy. This was great for those buying and selling goods and owning property but information is difficult to value, most people would rather have their data back than receive compensation for its loss.

1436 AD – Johannes Gutenberg, a former goldsmith, created the first printing press in Germany. He used his knowledge of metalwork to fashion letters out of an alloy, pressing these against ink and then paper to create a copy. This made the printing of multiple copies considerably faster, a great step forward in data resilience.

1539 AD – Image based backup, born. Henry VIII, King of England was trying to decide who to marry next, he sent the artist Hans Holbein to make a reliable copy of what his list of European princesses looked like. Based on these images, Henry made his choice and proposed engagement to Anne of Cleeves only to discover she looked nothing like he expected. Corrupt data/bad copy.

1964 AD – Mass market computing begins, the Programma 101 was unveiled to the public at the New York World’s fair. One of these computers was used on Apollo 11 and it was pretty much… a calculator. “One small step…” (at a time!)

1972 AD – Mainframe computers deliver applications and data at high speed to hundreds of users, in-built hardware redundancy ensures exceptional RPOs and RTOs. The ancient Sumerians would have just lovedthis.

1990 AD – Arcserve 1.0 released by Cheyenne software. The age of distributed computing is in full swing and it is all about backing up to these little rectangular things called “tapes.”

1998 AD – VMware founded in Palo Alto, California. Although the concept of a hypervisor originated from 1960s, it was VMware who introduced hardware virtualization to the mass market. Virtualization will go on to revolutionize backup and disaster recovery.

2006 AD – XOsoft’s WANsync technology is integrated into Arcserve. For the first time mid-market users can perform both backup and full system failover from one solution.

2008 AD – Microsoft releases their competing product to VMware, they call it Hyper V. If you weren’t virtualized before, you are now. Specific software for virtual backup exists but there is little integration with physical servers, tape backups or cross platform Microsoft/Linux.

2006 AD – XOsoft’s WANsync technology is integrated into Arcserve. For the first time mid-market users can perform both backup and full system failover from one solution.

2008 AD – Microsoft releases their competing product to VMware, they call it Hyper V. If you weren’t virtualized before, you are now. Specific software for virtual backup exists but there is little integration with physical servers, tape backups or cross platform Microsoft/Linux.

This was, however, only compatible with Domino on Windows guest. I have since collaborated with Daniel Nashed from Nash!Comin Germany to come up with a creative solution to run an Arcserve Hypervisor snapshot of Domino Virtual Machine running on a Unix/Linux Guest.

Interested? Read on…

Daniel Nashed developed a script for Unix/Linux that would stop domino server. Utilising this script will allow Arcserve to take a DB consistent snapshot through the preferred Hypervisor. The script Bundle is available here. (Please note: the use of blogged scripts are at one’s own risk and should be tested with sandbox or lab copy of your production VMs). There is certain risk in shutting down Domino Server services at every backup, however, a shutdown is the only real solution for ensuring consistency of all databases during backup Snapshot pass.

Using virtualized Lotus Domino as a corporate messaging system on a Unix/Linux guest, the database’s consistency is guaranteed during backup by running custom script Rc_domino_script.

Once you have downloaded the script bundle from Nash!Com the bundle should look like this:

To start, the VM guest requires the relevant Hypervisor tools to be installed e.g. VMware tools or Host Integration tools. This will allow Arcserve to pass commands through the Hypervisor to the VM guest and initiate the script pre-snapshot and post-snapshot.

Next, the above files need to be copied to their relevant locations:

Rc_domino_script is the main script logic. It needs to be copied to the Unix/Linux guest location: /opt/ibm/domio

Rc_domino is the main entry point file for the service. It needs to be copied to the Unix/Linux guest location: /etc/init.d

Rc_domino_config_notes is the configuration file used. It needs to be copied to the Unix/Linux guest location: /etc/sysconfig

These three files all reference one another and are required for pre/post-snapshot.
If you are required to make changes, such as a different username for Domino, you will need to make changes to the config. file and modify the settings in the Rc_domino script. For more detail, refer to Read me or NashCom.

Once the script has been copied, we can now create an agentless plan in Arcserve UDP under plan > setting. In the Advanced tab, add the following commands to reference scripts:

/etc/init.d/rd_domino stop

snapshot

/etc/init.d/rd_domino start

With the above, we are able to successfully snapshot Domino DB on Unix/Linux without an agent and provide application consistency.

2016 is off to an exciting start with Veeam and Arcserve releasing their latest versions. Veeam releaded the V9 Availability Suite and Arcserve released UDP6 (codenamed “Tungsten”).

Side note: Veeam coined the Phrase “RTPO” which is essentially means “RTO and RPO”. Personally, I disagree with this term as I think that the two terms are completely independent from one another: “Restore Time” and “Restore Point”. This is just my opinion.

Both are excellent products. I have had some time to test both capabilities and have done some research on their features. Below, I have a comparison based on the new features of Veeam V9 vs Arcserve UDP V6 and how each one delivers its’ functionality.

Instant VM Restore

An instant VM restore, or IVM, is about mounting your latest backup point to your Hypervisor host as a temporary data store point and registering that VM into the virtual infrastructure for immediate accessibility. It is no longer necessary to wait for your restore to copy points from backup disk into production – with IVM your RTO is seconds to minutes.

Veeam has had this functionality in previous versions, but has added some development: vPower Cache. This feature allows for recently accessed backup files to be cached and this will assist in speeding up instant VM restores, unlike Arcserve’s IVM.

UDP6 has just developed this feature in the new release V6. UDP 6 does have vPower functionality and can support instant VM restore cross-hypervisor, can instantly restore a VMware VM onto Hyper-V. In addition, UDP 6 also protects physical machines and allows for instant VM recovery of a physical node “P2V IVM”. This is very powerful stuff, unlike Veeam’s IVM.

Replica VM – Virtual Standby (For Disaster Recovery)

Replica VM or Virtual Standby “VSB” is a pre-exported conversion of your latest backup point into a virtual machine ready to power up in the event that production VM is lost. This is not a new feature for Veeam or Arcserve, but I would like to compare the two in any case.

Veeam has replica VM functionality , which is easy to use. You can create a replica VM off of the latest backup point or live snapshot process on your production VM. Both Veeam and Arcserve have networking and configuration functionality on these tasks. I would like to mention Veeam’s DR failover plan here. Where the plan is created with a boot sequence of multiple VMs, this failover plan allows you to commit to replica VMs or fail back to production VM.

UDP6 has what is called “Virtual Standby” that very easy to use. You can have a backup plan create virtual instances of the latest backup point. UDP6 VSB supports virtual standby cross-hypervisors and “P2V” (physical to virtual). This would mean you can have a VSB of your Vmware VM on hyper V or vica versa. This also means that you can have a VSB of a physical node onto your hypervisor. In addition, once failed over to VSB from the physical node you are able to restore back to the physical node directly off of the virtual standby to incorporate the latest changes written to the VSB.

Instant Bare Metal Recovery “BMR”for Linux

For Linux physical machines, Arcserve UDP introduces Instant Bare Metal Restore (BMR) to support local and remote bare metal recovery of Linux physical machines. Instant BMR provides better restore capability and an improved end user experience by providing users with instant access to a target machine prior to the entire recovery process being finished. This is done without physical interaction with the Linux nodes across the network though PXE boot solution.

Veeam does not currently support this and has limited support for physical server environments, as it was originally designed for Virtual solutions.

UDP6 provides for exactly what has been described above. Arcserve can instantly regain access into a failed physical Linux node with instant BMR. This is a first of its’ kind and a very powerful feature.

Granular Restore Tools “GRT”

GRT are interfaces that the backup vendor develops to facilitate for granular level restore back into applications. Example: an exchange GRT, allowing single mail items to be restored from a DB backup back into a mailbox into the live exchange DB. Most backup products support file level GRT as this is supported by Windows Explorer.

Veeam refers to a GRT as a “Veeam Explorer” and has in their new release V9 an Oracle Explorer and Veeam has granular VM recovery in Veeam Explorers for Microsoft Active Directory, Exchange, SharePoint and SQL Server.

UDP6 refers to this as “GRT” and has integrated this into the console restore capabilities, rather than having to install a separate feature application. Arcserve must be commended on its exchange GRT as this is very granular, allowing restores of mail down to calendar and tasks back into a mailbox. However, Arcserve currently supports Microsoft Active Directory, Exchange and Linux file/folder on GRT. Granular restores are still possible for Oracle, SharePoint and SQL but rather through its’ own interface.

Corruption Guard or Recovery Point Check

This feature tests the data integrity of the files systems in the backup points to ensure no corruption on backup points and no loss to data or unusable restore points.

This is a new feature for Veeam called “Corruption Guard”. This runs a process similar to check disk CHKDSK that tests and repairs file system data integrity issues on your backup restore points.

This is not a new feature to Arcserve. The feature is called “RPC” or Recovery Point Check. Arcserve will mount the restore point and actively run a CHKDSK on the files system and repair any corruption.

Backup Data Reduction

This is somewhat a large topic as it covers a variety of features. Data reduction on backup mainly consists of compression and global deduplication in most cases. Deduplication is the comparison to data across a deduplication domain only holding one instance of unique data, thus cancelling out redundant data being held on backup. Compression will compact files during backup to shrink the backup size to as small as possible.

Veeam has added a few features and further development on their de-duplication feature.The largest setback on Veeam’s global deduplication is that it’s not so global. The deduplication domain is across a single job – only servers within a plan will be de-duped against one another. There has been added development where multiple VMs within a job can be de-duplicated in parallel across both live backup streams. In addition, they have focused on third party storage vendors’ deduplication (such as HP and Netapp) to assist in reducing their backup footprint to storage.

Another feature, defragmentation and compact, will assist on further reducing the backup foot print over longer retention periods. This will access backup points and remove deleted data or VMs without requiring you to create a new active full.

Scale-out backup repositories (SoBR) and bitlooker are further additions to the V9 release.

Bitlooker allows you to exclude files and folders from your backup (e.g. exclude c:\temp). Further to that, it will allow you to exclude blocks that are marked as deleted. When a file is deleted in Windows, the space isn’t actually wiped clean – Windows just removes that file from the master file table, effectively forgetting about it and allowing future data to occupy the space. Unfortunately, because the data is still occupying space, it is getting backed up. BitLooker recognizes this fact and skips over these files.

The scale-out backup repository allows you to create a backup storage pool using multiple physical storage appliances, thus creating a federated storage repository. This increases write performance, as backups are written in multiple streams to multiple devices and this will also reduce storage cost (because you can repurpose storage devices).

UDP6 has true source side global de-duplication. The deduplication domain is at the backup server (RPS) storage level. Similar to Veeam, storage is presented through Windows or IscsI to Arcserve, but all backups to Arcserve storage repository are de-duplicated against each other, allowing for multiple plans/jobs/policies. This runs at 32k, 16k, 8k or 4k block size levels with a forever incremental strategy utilising CBT change block tracking. This means that only changed data blocks from the source are included into the backup pass. Furthermore, these blocks are compared to the backup storage repository to confirm they are indeed unique, thus massively reducing the storage requirement for backup on arcserve UDP. Both physical and virtual will be included in the same de-duplication domain. UDP6 has included physical Linux nodes into this single de-duplication domain. Impressive lab results have shown that protecting half a Petabyte of storage has left a storage footprint of 13.5TB on backup disk. Whilst the storage features Veeam V9 has developed are beneficial, these seem to be in place to assist their struggling de-duplication protocol or algorithm. Arcserve seems to have hit the nail on the head when it comes to data reduction, leaving backup simple yet efficient.

Stand Alone Console

The console would be the management interface for the backup application where reports and logs, jobs, schedules etc. can be configured.

Veeam has released a standalone console in V9 that allows you to install an application on your workstation that will connect to your Veeam backup servers on the network instead of multiple RDP sessions to your backup servers. The Veeam console is an installed application and so is the standalone server. Performance here is impacted by server or workstation CPU and memory utilization.

This has always been a feature for Arcserve (UDP stands for “Unified Data Protection”). Arcserve offers a unified console that is web based and backed by Tomcat. This has a tiny footprint when it comes to compute overhead and is browseable via Http or Https on any workstation or mobile device on your network.

ROBO Support

ROBO (Remote Office, Branch Office) support allows for your main backup infrastructure to communicate and maintain processes or jobs on your remote sites. This should allow for features such as remote backup/restore capabilities and reporting on multiple sites from a central location.

Veeam previously had issues relaying commands from Veeam B&R console to backup proxies across the WAN sites or VPN tunnels. In V9, Veeam has released Guest Interaction Proxy which allows for a secure SSL connection between sites and proxies back to B&R console. This allows for remote restore across WAN sites and mounting backup points locally. This was a much needed feature for Veeam service providers.

UDP had a similar issue when it came to ROBO solutions where this had to be done through VPN connection. Even so, this worked and was functional to each remote site. In UDP6, the Remote Management Gateway feature allows for secure SSL connections across WAN links to ROBO sites. It allows for all management out of a single console and the ability to configure and push agents from one console for all sites. This compliments the existing unified console.

Cloud Connect (Cloud Backup & Replication)

Cloud backup and replication allows for the backup product console to connect to a service provider service such as storage or compute resource. This will allow the customer to replicate VM copies or backup points offsite into the cloud and pose as a DR (Disaster Recovery) solution.

Veeam has added development to their cloud connect feature. Previously, this only allowed for copying backup points to a cloud target, but Veeam V9 brings the replication feature too.

Previously, I discussed Veeam’s replica VMs. A customer with an onsite Veeam installation can enter details of their Veeam service provider’s Veeam B&R Gateway and replicate replica VMs to their service provider. A limitation is that if you are replicating from Hyper V, your service provider must provide Hyper V.

This is not a new feature for Arcserve. Arcserve does this differently, though. The service provider creates a share plan with credentials and a secondary task to export as a virtual standby on either Hyper V or VMware. These credentials are shared with the customer. The customer will add a task to their backup plan to replicate to a remotely managed RPS server and use the credentials provided. The target hypervisor is cross compatible and the source and target hypervisor can differ in this instance. Arcserve supports this on physical servers too at the source, which allows for P2V to the service provider (“Physical to Virtual”).

Hardware Integrated Snapshots

Hardware snapshots allow the backup software to access the hardware array and initiate a snapshot of a VM of the hardware array, utilising the array compute resource to carry out the backup process. This results in a more efficient snapshot.

Veeam has done a lot of development with various storage vendors and has support on multiple storage arrays, such as NetApp and HP and the new edition in V9 of EMC. Veeam has also released Sandbox for HW snapshots in V9. This creates a clone of a snapshot into an isolated environment for testing purposes directly off the storage appliance, cutting out the unnecessary overhead.

UDP6 includes a hardware level snapshot integration in the new release for Netapp .

Tape

Veeam has released advanced support for Tape in the V9 release. This includes parallel rocessing, concurrent copy sessions and GFS rotation schemes (“Grand Father, Father, Son “). Tape is still underdeveloped for Veeam .

UDP6 has integration into its father product, Arcserve backup, which has been around for over 20 years. With over 20 years of development around tape features and support, it is far superior to Veeam’s Tape functionality. These features include: Multiplexing (2-32 jobs), Multistreaming, Device Group and Media Pool, GFS Rotation and Synthetic Backup, Append Media, Media Maximization, Media Pool Manager, Tape Library Option and Auto Library Detection and Configuration, Bar Code Support, Auto Inventory, Auto Eject Medi, Monitor Blank Media Qty., Tape Management and Tape Vaulting, Auto Tape Cleaning and Configurable Block Size for Tape.

Both products have their features that stand out. In my opinion, a lot of the new features Veeam has added to their suite were pre-existing with Arcserve since 2014 and before the release of UDP. Veeam seems to be playing catch-up. Veeam also doesn’t have a developed protection solution for your physical server workloads. Arcserve has physical and virtual protection features with integration into your environment which allows for physical to virtual, virtual to physical, virtual to virtual, “ Vmware to Hyper V “ restore/conversion functionality.

Arcserve also holds a replication and high availability suite that has been integrated into UDP, which allows for more than just disaster recovery and actually provides what Veeam claims to be: always on, automated fail over and instant replication of your business critical services.

With the new release UDP6, so comes the functionality of instant Linux BMR (Bare Metal Restore) which allows you to recover physical hardware remotely and instantly. This feature would be also be great for Windows environments not yet available.

A great solution for the remote recovery of physical Windows servers is to use Windows Deployment Service (WDS) integrating Arcserve UDP 6 Restore Capabilities with WDS, allowing for remote physical restore. It is no longer a requirement to have an engineer standing in front of your data centre rack to run system state recoveries on your physical system.

In this post I explain how I have created such an implementation and tested it!

The prerequisites are a Windows server and DHCP server (I used Virtual Servers in my testing but it applies to physical servers too).

The process would be to access your physical server through remote BIOS (e.g. ILO, IPMI or IDRAC or similar) and setting the server to network boot, at which point the server will PXE boot the Arcserve Windows BMR ISO files.

I used one server for the implementation: Server 2012 R2, running Arcserve UDP Console and RPS roles. I added Windows roles WDS and DHCP.

This one server had an Arcserve agent, so I created a BMR ISO for X86 and X64 compatible with ADK 8.1. You can create both Windows 8 and Windows 7 compatible boot kit ISOs for Server 2008 and 2012 physical server spreads in your environment.

*One important thing to note: if you run WDS and DHCP on the same server then some properties need to be altered on WDS as they both listen on the same port.

Once your BMR ISOs are created, browse to their location and mount ISOs.

Then open WDS MMC through Server Manager: under “Boot Images” browse, select add boot image and follow the wizard.